[Snort-users] Upgrading to Snort 2.0.2 or 2.0.3

Erek Adams erek at ...950...
Wed Nov 5 07:54:21 EST 2003

On Wed, 5 Nov 2003, Egal A Egal - SA wrote:

> I am currently running "snort-1.9.1-1snort" on RHL 9.0. I was wondering
> how could I upgrade this to either 2.0.2 or 2.0.3 without having to
> disturb my PHP/MySQL and other settings. If one could give me the
> details of how to do this I'd greatly appreciate this.

Should be fairly simple.

1)  Archive all your old stuff.  Backups == life preserver.
2)  Remove _all_ your old stuff, but not the backups. :)
3)  Uncompress, untar, cd snort-2.0.3, ./configure <options> , make, make
4)  cp etc/* to <snort_config_dir>
5)  cp rules/* to <snort_rules_dir>
6)  Modify the new snort.conf to reflect your network (HOME_NET, etc.)
7)  Restart with the new version.

Now, one thing that you may need to do is update your DB schema.
Depending on the changes, between schemas it could be simple or complex.
IIRC, 1.06 is the current schema and I don't think it's changed from
before Snort 1.8.6.  If that's the case, you're good.  If not, you may
have to drop all your tables/data and recreate (the simple way), or
actually modify the tables to the new schema (icky).


Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson

More information about the Snort-users mailing list